Antivirus firm warns of cyberattacks on home appliances

A photo taken on May 15, 2017 shows staff monitoring the spread of ransomware cyber-attacks at the Korea Internet and Security Agency (KISA) in Seoul. (AFP)
Updated 19 May 2017
0

Antivirus firm warns of cyberattacks on home appliances

PRAGUE: Avast, the company behind the leading antivirus software, has warned against attacks on home appliances connected to the Internet, calling hackers targeting home routers a major threat to consumers.
“It’s a trivial thing to do and there’s nothing the user can do to fix it, other than to throw the router away and put in a new router,” said Vincent Steckler, chief executive officer of Avast.
Ondrej Vlcek, Avast chief technology officer, said that more and more people were using Internet-enabled appliances which he described as “a total nightmare when it comes to security.”
Vulnerable appliances include TV sets, audio systems, coffee machines and toys, according to the Prague-based company, which every month registers 444 million users and prevents 3.5 billion malware attacks and 500 million visits to harmful websites.
In February, London police arrested a Briton suspected of staging a cyberattack on household routers run by Deutsche Telekom in November 2016, which knocked an estimated 1 million German households offline.
Steckler said his company had hacked into a router at a recent show in the US to demonstrate the harm such attacks can do.
Avast changed the router’s firmware, took control of a TV set and made it play a Barack Obama speech over and over.
“Even if you turn off the TV, the router turns the TV back on and the user can’t see anything other than the Obama speech,” Steckler said, adding that the hacker could then hold the TV for ransom.
“I know most people, especially Americans, care much more about their TV than they do about their data. They’d probably be much more willing to pay ransom for it,” he said.
China earlier urged Windows users to protect themselves against a new ransomware virus similar to the WannaCry bug that wreaked havoc worldwide last week.
“UIWIX” encrypts and renames files through a bug in the Windows operating system, China’s National Computer Virus Emergency Response Center (CVERC) warned in a public announcement on Wednesday, telling users to install the latest Microsoft update.
While no UIWIX infections have yet been detected in China, the virus has spread in other countries, prompting a security alert last week from the Danish cybersecurity company Heimdal Security.
“UIWIX ransomware is picking up where the first WannaCry wave left off, without a kill switch domain and the same self-replicating abilities that enable it to spread fast,” the firm said in a statement.
Heimdal cautioned that the new bug could be more powerful than WannaCry due to the absence of a kill switch domain that could contain the virus’s distribution.
But other analysts have noted that UIWIX appears to be spreading at a much slower pace.
Global cybersecurity firm Proofpoint warned on Wednesday about another large-scale, stealthy cyberattack linked to WannaCry called Adylkuzz.
The extent of Wannacry’s impact in China remains unclear.
On Sunday, Qihoo 360, one of China’s leading suppliers of anti-virus software, said more than 29,000 institutions ranging from government offices to ATMs and hospitals had been “infected” by Wannacry, singling out universities as particularly hard-hit.
But the Education Ministry’s China Education and Research Network denied that there had been widespread damage to computer systems, saying only 66 out of 1,600 Chinese universities were affected.
Sarah Larson, a politics and cybersecurity researcher at the University of New South Wales, told AFP that China’s preemptive alert about UIWIX may indicate that WannaCry sent the government “reeling.”
Larson said China is particularly vulnerable to malicious code because the majority of the country’s computer users are reliant on pirated software.
“Until now the government has done little to encourage the use of legitimate software,” she said.
“This reluctance is largely caused by a type of cyber sovereignty directed at the dominance of US tech companies like Microsoft.”
Severine Arsene, an Internet expert at the French Center for Research on Contemporary China, said the announcement, which noted the virus was “detected abroad,” is in line with China’s current rhetoric around cybersecurity.
“China has long claimed that they are a major victim of cyberattacks every year,” Arsene said, “whereas they are essentially portrayed as a source of cyberattacks by foreign media.”
The warning is intended “to publicly show that they are taking responsibility to help maintain security and stability online.”
The government will implement on June 1 a controversial cybersecurity bill tightening restrictions on online freedom of speech and imposing new rules on online service providers.
Fifty-four international trade groups signed a letter Monday calling on China to reconsider the law, arguing that it would create significant obstacles for foreign businesses.


World Bank shareholders approve $13 billion capital increase

Updated 39 min 16 sec ago
0

World Bank shareholders approve $13 billion capital increase

  • Capital increase follows three years of negotiations
  • Increase of $7.5 billion for main institution and $5.5 billion for IFC

World Bank shareholders approved a “historic” increase in the bank’s lending capacity late on Saturday after the United States backed a reform package that curbs loans and charges more for higher income countries like China.
World Bank President Jim Yong Kim said neither China nor any middle income countries was happy about the prospect of paying more for loans, but they agreed because of the overall increase in funds available.
The agreement, which also increase shares and voting power to large emerging market countries like China, was “a tremendous vote of confidence” in the institution that came after three years of tough negotiations, Kim said.
“World Bank Group bureaucrats don’t often jump around and high-five and hug each other,” Kim told a small group of reporters following the Spring meeting.
He said the increase was needed because even with the end of the global financial crisis, the bank has been called on to provide funding to address a new series of challenges facing poor countries, like climate change, refugees, pandemics, “all new things for us.”
The increase provides an additional $13 billion in “paid in” capital: $7.5 billion to the main institution and $5.5 billion to the bank’s private financing arm, the International Finance Corporation.
Kim said the increase will allow the bank to ramp up lending to an average of $100 billion a year through 2030, from $60 billion in 2017 and an expected $80 billion in 2018.
Countries will have five years to provide the funds, but can ask for a three-year extension. The last increase occurred in 2010 and added $5 billion to the bank’s capital and $200 million for the IFC.
The United States, the institution’s biggest shareholder, rejected the World Bank request in October and the administration of US President Donald Trump has argued that multilateral lending institutions should graduate countries that have grown enough to finance their own development, like China.
But US Treasury Secretary Steven Mnuchin on Saturday said Washington supports the increase because of the reforms to lending rules.
“I look at this as a package transaction... we support a capital increase on the World Bank, along with the associated reforms that they’re talking about making,” Mnuchin told reporters.
The increase requires legislative approval, but Mnuchin said he was hopeful Congress would back the plan. Kim also said he has had contact with representatives from both parties and received strong support.
In a statement to the World Bank’s governing committee, Mnuchin applauded the plan to “significantly shift lending to poorer clients.”
While he did not mention China by name, Mnuchin applauded the shift to a “new income-based lending allocation target and the re-introduction of differentiated pricing” for loans — meaning wealthier countries would pay higher interest rates.
“The latter will incentivize better-off, more creditworthy borrowers to seek market financing to meet their needs for development,” he said.
Mnuchin said the new arrangement, including for the IFC, “frees resources for countries that don’t have sustainable access to private capital markets.”P
China’s Vice Finance Minister Zhu Guangyao said Beijing supported increasing World Bank resources but had reservations about the agreement for changes in lending policies.
“We are concerned about some of the policy commitments in the capital package, such as those on graduation, maturity premium increase for loans and differentiated loan pricing based on national income per capita,” he said in a statement.
“We hope that the management take different national circumstances into full account in the implementation of the graduation policies... to ensure that these policies will not impede cooperation between the (bank) and upper middle income countries.”
Kim acknowledged that lending to China would decline, but only gradually. That means “whatever borrowing they do has to be as impactful as possible.”
And he noted that because of the capital increase, “we will be able to maintain volumes for middle income countries as a whole.”
Zhu said the capital increase is “a concrete measure to support multilateralism” at a time when “anti-globalization sentiments, unilateralism, protectionism in trade” were creating uncertainties in the global economy.